The international discussion forum - View Single Post

femuse · 11-25-2004, 10:12 PM

HELP ! ! ! ! !

on Nov 19, 13.03 my time, c.a.d 19.03 in France.

I definitively tracked it down from a link I accessed from this site.

Anybody else reported that? I do I get rid of it ?

I use AVG free version and it looks like it is unable to do it. It deleted one labelled "virus" , and left this one:

in C:\WINDOWS\Local Settings\Temporary Internet Files\Content.IE5\UXOHGJE5
Trojan Horse. Downloader Agent.3.OB mmviewer_101[1].cab : "infected - embedded object"

It looks like it is fairly well known.

I think it comes from my clicking on Kajtek signature "un peu de musique?". I found a pop-up I got at the same time as the virus: thisdaythatyear.com

I won't try to go there again. Maybe Kajtek could let us know if thisdaythatyear.com has anything to do with his signature. Did I reach that from another link on this site?
thisdaythatyear.com MAY BE responsible, but I am not trying to blame somebody here - I am just trying to heal my computer.

In C:\WINDOWS\Local Settings\......\27EL6XS5
I found: "Catoa19z.htm", here is its content: [I tried to break everything in little piece to make it safe]

*** Code Download Log entry (19 Nov 2004 @ 13:03:38) ***

Code Download Error: (hr = 800b0004) Trust verification failed!!

Operation failed. Detailed Information:

CodeBase: http:

//fad-408.mtl4.targetnet.com/ad/id=vijaykittu&opt=hkj
&pt=13735638087446892303&pfin=HSAHF5RIAKNK&
cv=210&uid=1218803726&url=http:
//www.ouchvideo.com/mmviewer_101.cab

CLSID: {EBBD88E5-C372-469D-B4C5-1FE00352AB9B}

Extension:

Type:

LOG: Reporting Code Download Completion: (hr:800b0004 (FAILED), CLASSID: ebbd88e5..., szCODE:
(http://fad-408.mtl4.targetnet.com/ad...kittu&opt=hkj&
pt=13735638087446892303&pfin=HSAHF5RIAKNK&cv=
210&uid=1218803726&url=http:
//www.ouchvideo.com/mmviewer_101.cab), MainType:
((null), MainExt:
(null))

--- Detailed Error Log Follows ---

LOG: Download OnStopBinding called (hrStatus = 0 / hrResponseHdr = 0).

LOG: URL Download Complete: hrStatus:0, hrOSB:800b0004, hrResponseHdr:0, URL:
(http://fad-408.mtl4.targetnet.com/ad/id=vijaykittu&
opt=hkj&pt=13735638087446892303&
pfin=HSAHF5RIAKNK&cv=210&uid=1218803726&
url=http:
//www.ouchvideo.com/mmviewer_101.cab)

LOG: Reporting Code Download Completion: (hr:800b0004 (FAILED), CLASSID: ebbd88e5..., szCODE:
(http://fad-408.mtl4.targetnet.com/ad/id=vijaykittu&
opt=hkj&pt=13735638087446892303&
pfin=HSAHF5RIAKNK&cv=210&uid=1218803726&
url=http:
//www.ouchvideo.com/mmviewer_101.cab), MainType:
(null), MainExt:
(null))

I don't know a thing about computers, but I wonder: "Trust verification failed!!" could that mean it is not really an active virus ?

... and the one deleted by AVG was inst201[1].exe
in C:\WINDOWS\Local Settings\......\SRUZ2F2X

Does that mean the virus is now disabled ?

HELP ! ! ! ! !

11-25-2004, 10:12 PM	#1 (permalink)
femuse Senior International Member Join Date: Oct 2004 Posts: 209 femuse is an unknown character at this point	I got a virus_here HELP ! ! ! ! ! on Nov 19, 13.03 my time, c.a.d 19.03 in France. I definitively tracked it down from a link I accessed from this site. Anybody else reported that? I do I get rid of it ? I use AVG free version and it looks like it is unable to do it. It deleted one labelled "virus" , and left this one: in C:\WINDOWS\Local Settings\Temporary Internet Files\Content.IE5\UXOHGJE5 Trojan Horse. Downloader Agent.3.OB mmviewer_101[1].cab : "infected - embedded object" It looks like it is fairly well known. I think it comes from my clicking on Kajtek signature "un peu de musique?". I found a pop-up I got at the same time as the virus: thisdaythatyear.com I won't try to go there again. Maybe Kajtek could let us know if thisdaythatyear.com has anything to do with his signature. Did I reach that from another link on this site? thisdaythatyear.com MAY BE responsible, but I am not trying to blame somebody here - I am just trying to heal my computer. In C:\WINDOWS\Local Settings\......\27EL6XS5 I found: "Catoa19z.htm", here is its content: [I tried to break everything in little piece to make it safe] * Code Download Log entry (19 Nov 2004 @ 13:03:38) * Code Download Error: (hr = 800b0004) Trust verification failed!! Operation failed. Detailed Information: CodeBase: http: //fad-408.mtl4.targetnet.com/ad/id=vijaykittu&opt=hkj &pt=13735638087446892303&pfin=HSAHF5RIAKNK& cv=210&uid=1218803726&url=http: //www.ouchvideo.com/mmviewer_101.cab CLSID: {EBBD88E5-C372-469D-B4C5-1FE00352AB9B} Extension: Type: LOG: Reporting Code Download Completion: (hr:800b0004 (FAILED), CLASSID: ebbd88e5..., szCODE: (http://fad-408.mtl4.targetnet.com/ad...kittu&opt=hkj& pt=13735638087446892303&pfin=HSAHF5RIAKNK&cv= 210&uid=1218803726&url=http: //www.ouchvideo.com/mmviewer_101.cab), MainType: ((null), MainExt: (null)) --- Detailed Error Log Follows --- LOG: Download OnStopBinding called (hrStatus = 0 / hrResponseHdr = 0). LOG: URL Download Complete: hrStatus:0, hrOSB:800b0004, hrResponseHdr:0, URL: (http://fad-408.mtl4.targetnet.com/ad/id=vijaykittu& opt=hkj&pt=13735638087446892303& pfin=HSAHF5RIAKNK&cv=210&uid=1218803726& url=http: //www.ouchvideo.com/mmviewer_101.cab) LOG: Reporting Code Download Completion: (hr:800b0004 (FAILED), CLASSID: ebbd88e5..., szCODE: (http://fad-408.mtl4.targetnet.com/ad/id=vijaykittu& opt=hkj&pt=13735638087446892303& pfin=HSAHF5RIAKNK&cv=210&uid=1218803726& url=http: //www.ouchvideo.com/mmviewer_101.cab), MainType: (null), MainExt: (null)) I don't know a thing about computers, but I wonder: "Trust verification failed!!" could that mean it is not really an active virus ? ... and the one deleted by AVG was inst201[1].exe in C:\WINDOWS\Local Settings\......\SRUZ2F2X Does that mean the virus is now disabled ? HELP ! ! ! ! !
(Offline)